5 matches found
CVE-2024-49763
PlexRipper is a cross-platform media downloader for Plex. PlexRipper’s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker’s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user’s...
CVE-2024-49763
PlexRipper is a cross-platform media downloader for Plex. PlexRipper’s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker’s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user’s...
CVE-2024-49763 PlexRipper allows API leak due to open CORS policy
PlexRipper is a cross-platform media downloader for Plex. PlexRipper’s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker’s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user’s...
CVE-2024-49763 PlexRipper allows API leak due to open CORS policy
PlexRipper is a cross-platform media downloader for Plex. PlexRipper’s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker’s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user’s...
PT-2024-33673 · Unknown · Plexripper
Name of the Vulnerable Software and Affected Versions: PlexRipper versions prior to 0.24.0 Description: PlexRipper's open CORS policy allows attackers to gain sensitive information by getting the user to access the attacker's domain. This enables an attacking website to access the...